Opened 14 years ago

Closed 12 years ago

#1014 closed enhancement (fixed)

Configurable cipher type/list setting in SIP transport TLS (thanks Tal Fromm for the suggestion)

Reported by: nanang Owned by: bennylp
Priority: normal Milestone: release-1.14
Component: pjsip Version: 1.x-branch
Keywords: Cc:
Backport to 1.x milestone: Backported:

Description (last modified by nanang)

Configuring cipher-suites can be useful in controlling security level, e.g: omitting cipher-suites with anonymous communication is recommended to prevent man-in-the-middle attacks.

Currently, ciphers preference and the order is configurable in PJLIB level, but not in PJSIP TLS transport.

Attachments (2)

1014-key_uses_cipher_code.diff (22.9 KB) - added by nanang 14 years ago.
implementation with cipher code as key, also has cipher names table
1014-key_uses_cipher_index.diff (46.1 KB) - added by nanang 14 years ago.
implementation with cipher index as key

Download all attachments as: .zip

Change History (7)

comment:1 Changed 14 years ago by bennylp

  • Milestone changed from release-1.6 to release-1.7

comment:2 Changed 14 years ago by nanang

  • Description modified (diff)

Configuring cipher-suites can be useful in controlling security level, e.g: omitting cipher-suites with anonymous communication is recommended to prevent man-in-the-middle attacks.

Currently, ciphers preference and the order is configurable in PJLIB level, but not in PJSIP TLS transport.

Changed 14 years ago by nanang

implementation with cipher code as key, also has cipher names table

Changed 14 years ago by nanang

implementation with cipher index as key

comment:3 Changed 14 years ago by nanang

  • Description modified (diff)
  • Milestone changed from release-1.7 to Known-Issues-and-Ideas

comment:4 Changed 12 years ago by nanang

  • Milestone changed from Known-Issues-and-Ideas to release-1.14
  • Version changed from trunk to 1.x-branch

comment:5 Changed 12 years ago by nanang

  • Resolution set to fixed
  • Status changed from new to closed

(In [3942]) Close #1014:

  • Added configurable ciphers setting in SIP TLS transport and pjsua app.
  • Added API pj_ssl_cipher_is_supported().
Note: See TracTickets for help on using tickets.